Security Blogs
Latest Articles
template
category
category
security
What Keeps the CISO Awake at Night? Four Dreaded Security Headlines
Would your organization's security team be prepared if these headlines appear in tomorrow's news?
Domestic Intelligence Service of the Federal Republic of Germany Warns About Cyber Attacks
What's happened, how to investigate if you've been affected and what you should do next.
Knowledge is Power: Guidance from ICO and NCSC on GDPR Security Outcomes
The GDPR learnings are ongoing - are you keeping up?
Boss of the SOC (BOTS) Investigation Workshop for Splunk
You've played BOTS with Splunk, now learn the how it all happened? This post discusses a new tutorial app that you can run on the BOTS v1 dataset to learn more about BOTS and have an educational workshop at home (or office)
Boss of the SOC Scoring Server, Questions and Answers, and Dataset! Open-Sourced and Ready for Download
We have open-sourced the Boss of the SOC dataset (ver1.0) and BOT(S|N) scoring server. They can be used to run your own CTF, perform research, or train your internal users!
Strengthen Your SIEM And Be Ready For The GDPR
When facing the GDPR, your SIEM solution can be a great support for your organisation's compliance strategy, but if not strengthened - it can also be your downfall.
Use Investigation Workbench to Reduce Time to Contain and Time to Remediate
The latest version of Splunk Enterprise Security v 5.0 introduces Investigation Workbench, which streamlines investigations and accelerates incident response
Detecting Typosquatting, Phishing, and Corporate Espionage with Enterprise Security Content Update
Splunk’s Enterprise Security Content Update (ESCU) app can provide you with early warnings and situational awareness—powerful elements of an effective defense against adversaries
Ensuring Success with Splunk ITSI - Part 1: Thresholding Basics
Practical step-by-step guidance to configure ITSI to produce accurate and trusted alerts